
2 

J 

CUSTOMER 
TRUSTED AGENT 



MONEY MODULE 



MERCHANDISE: 

TICKET OR 
TICKET & OBJECT 

: 



MONEY 



I 

MERCHANT 
TRUSTED AGENT 



MONEY MODULE 



T 



Figure 1 



EJ201076828US 



IDENTIFIER 


COMPONENTS 


ISSUER 
SIGNATURE 


ISSUER 
CERTIFICATE 


TRANSFER 
HISTORY 


SENDER 
SIGNATURES 


,'o 


1 \ 1 . 1 
^\ >s 72 \ 74 / 16 

^ \ 8 


I 

18 





I 

/ 



MERCHANT/ 
AUTHORITY 


RECEIVER 


TICKET 
TYPE 


1 % 

■ \ 

■ \ 

I % 

. \ 


RECEIVER 
ID'S 


SENDER 
ID'S 


SENDER 
CERTS 


DATE/ 
TIMES 


1 

22 


1 

24 


1 

26 * 


■ V 
1 N 

1 \ 

-J 


1 

28 


I 

30 


1 

32 


I 

34 





OBJECT 


DECRYPTION 


PURCHASE 


DATE OF 


OBJECT 


USAGE 


IDENTIFIER 


KEY 


PRICE 


PURCHASE 


SIGNATURE 



36- 



Driver's License 



38 



40 



42 



44 



46 



NAME 


ADDRESS 


PICTURE AND 

PHYSICAL 
DESCRIPTION 


SIGNATURE 
OF DRIVER 


EXPIRATION 
DATE 


STATUS 


IN USE 



48- 



Corporate Seal 



50 



52 



54 



56 



58 



60 



62- 



CORPORATE 
NAME 


ADDRESS 


TAXPAYER 
ID 


EXPIRATION 
DATE 


IN USE 



Transportation 



64 



66 



68 



70 



72- 
Event 



CARRIER 
NAME 


TRIP 
NUMBER 


DEPARTURE 


ARRIVAL 


PURCHASE 
PRICE 


DATE OF 
PURCHASE 


STATUS 


IN USE 




1 

74 


1 

76 


1 

78 


1 

80 


1 

82 


1 

84 


I 

86 



88- 



EVENT 
IDENTITY 



LOCATION 



DATE 



Communications 



90 



r 

92 



SEAT 
NUMBER 



PURCHASE 
PRICE 



DATE OF 
PURCHASE 



STATUS 



IN USE 



1^ 
94 



96 



98 



100 



102 



104- 


CARRIER 
IDENTITY 


TIME 
PURCHASED 


CHANNEL/ 
FREQUENCY 


PURCHASE 
PRICE 


DATE 
OF 
PURCHASE 


DECRYPTION 
KEYS 


TIME 
AVAILABLE 


IN USE 






1 

106 


1 

708 


1 1 
T70 772 

Figure 2 


1 

774 


I I 
776 778 



722 
I 



728 



720- 



732- 



Communications 


Transaction 
Application 
1 


Transaction 
Application 
2 


*«* 


Transaction 
Application 
n 


Human/ 
Machine 
Interface 


Message 
Manager 


Date/Time 




Trusted 
Agent 



734 



-130 

124 
\-136 



126 




6~ 



Money 
Module 



Figure 3 



738 

I 



EXTERNAL INTERFACE 
MESSAGE INTERFACE 
SESSION MANAGER 
SECURITY MANAGER 
TICKET HOLDER 




148 TO MONEY MODULE 



SYMMETRIC KEY 



CRYPTOGRAPHY 

PUBLIC KEY 



DATE/TIME 



RANDOM NUMBER 
GENERATOR 



Figure 4 A 



-140 

-142 
-144 
-150 
154 
156 



158 



164 



160 



PURCHASE 


I ^ 

TO 
HOST 


r- ' 

TRAN 
LOG 


PRESENT 
TICKET 

I ' 


ACQUIRE 
CREDENTIAL 


INITIATE 
DISPUTE 



766' 

Figure 4B 



168 



PURCHASE 


| L 

TO 
HOST 


r ' 

TRAN 
LOG 


RECEIVE 
TICKET 

i 


ACQUIRE 

CREDENTIAL 

1 - 1 


RESOLVE 
DISPUTE 



Figure 4C 



178 



CREATE 
CREDENTIAL 


■ 1 

TO HOST 


1 ' 

TRAN LOG 


RECEIVE 
TICKET 

i 1 


REVALIDATE 

CREDENTIAL 

i ■■ — -1 


ACQUIRE 
CREDENTIAL 



Figure 4D 



Customer 
Transaction 
Device 



-788 



270- 



204- 



Authority 
Server 



Trusted 
Server 

200 



Authority 
Transaction 
Device 




200 



Trusted 
Server 



Merchant 
Transaction 
Device 



I 

798 



Merchandise 
Server 



796 



Figure 5 



Primary 
Trusted 
Server 



-210 



Certificate (TS) 



Trusted 
Server 



Certificate (TA) 



r200 



Certificate (TA) 





Customer 




Merchant 




2~ 


Trusted 


4" 


Trusted 






Agent 




Agent 





Figure 6A 



Certificate (TA) 



Authority 
Trusted 
Agent 



-272 



214 
276-1 



278- 



228- 



Security 
Manager 



Communications 



Session Manager 



220 

Untrusted 

List 
Manager 



222 

Certify 



224 

Resolve 
Dispute 



Date/ 
Time 



Cryptography 
Symmetric Key \" Public Key 



-226 



Figure 6B 



TRAN LOG X 



-230 



UPDATE TRAN LOG 



TO HOST X 



-232 



NOTIFY END OF TRANSACTION 

Y 

-234 



SESSION MANAGER X 



NOTE END OF SESSION 



(^r^rn) 
Figure 7 A 



SESSION MANAGER X -236 



ROLL BACK CHANGES AND 
NOTE AGENT ABORTED 



I 



TO HOST X 



SEND MESSAGE TO HOST 
TRANSACTION ABORTED 



( return ) 



-238 



Figure 7B 



OWNER OF TRUSTED AGENT 
A DECIDES TO RECERTIFY 
AGENT 



-240 



HOST TRANSACTION 
APPLICATION CONNECTS TO 
TRUSTED SERVER B 



-242 



ESTABLISH SESSION 

A->B 



-244 



SECURITY MANAGER A 



-246 



REQUEST NEW PUBLIC AND 
PRIVATE KEY • 



PUBLIC KEY A 



GENERATE NEW KEYS AND 
SIGN NEW PUBLIC KEY WITH 
OLD PRIVATE KEY 



■248 



SECURITY MANAGER A 



ASSEMBLE NEW PUBLIC KEY 
WITH SIGNATURE AND 
VERSION NUMBER OF 
UNTRUSTED LIST IN 
MESSAGE TO B 



250 



SEND MESSAGE 

A->B 
♦ 



-252 



TRUSTED SERVER B -254 



RECEIVE A'S NEW PUBLIC KEY 
WITH SIGNATURE AND 
UNTRUSTED LIST 
VERSION NUMBER 



TRUSTED SERVER B -256 



VALIDATE SIGNATURE 
T 



<3> 



Figure 8A 




260 
I 



ABORT TRANSACTION 

B ~> A 



TRUSTED SERVER B 



-262 



CREATE NEW CERTIFICATE 

AND SEND TO A WITH 
UNTRUSTED LIST UPDATE 
AND PRIMARY TRUSTED 
SERVER LIST UPDATE 



T 




END 



SEND MESSAGE 

B->A 



-264 



SECURITY MANAGER A -266 



RECEIVE MESSAGE 
Y 



PUBLIC KEY A 



-268 



VALIDATE CERTIFICATE 



270 



YES 




NO 



SECURITY MANAGER A 



-286 



UPDATE CERTIFICATE, 
UNTRUSTED LIST, AND 
PRIMARY TRUSTED 
SERVER LIST 



272- 



SECURITY MANAGER A 



CHECK IF > 3 TIMES 



Figure 8B 



0 

t 

COMMIT A 



SEND MESSAGE 
CERTIFICATE UPDATED 



SEND MESSAGE 

A->B 



TRUSTED SERVER B 



-288 



SECURITY MANAGER A -290 



276 
l 




TRAN LOG A 


YES 


RECORD FAILED TO 





RECERTIFY 




t 





278- 



-292 



ABORT TRANSACTION 

A->B 




280 



SECURITY MANAGER A 



SEND MESSAGE 
SIGNATURE INVALID 



RECEIVE MESSAGE AND NOTE 
A RECERTIFIED 

— : T 

END 



■294 




END 



282" 



t 



SEND MESSAGE 

A-> B 



284- TRUSTED SERVER B 




RECEIVE MESSAGE 



Figure 8C 



SESSION MANAGER X 



-296 



REQUEST CERTIFICATE 



SECURITY MANAGER X -298 



SEND CERTIFICATE TO 
SESSION MANAGER 

T 



SESSION MANAGER X -300 



SEND CERTIFICATE TOY 



SESSION MANAGER Y 



RECEIVE CERTIFICATE 



SECURITY MANAGER Y 



RECEIVE CERTIFICATE FROM 
SESSION MANAGER 



I 



PUBLIC KEY Y 



VERIFY X'S CERTIFICATE 



■302 



304 



■306 





SECURITY MANAGER Y 



-374 



CHECK IF X IS ON 
UNTRUSTED LIST 




YES 




SESSION MANAGER Y 




NOTE SESSION TERMINATED, 
SEND MESSAGE TRANSAC- 
TION DENIED TO X 



■370 



0 



Figure 9 A 




372-. 



SESSION MANAGER X 



NOTE SESSION 
TERMINATED 

— I 

END 





RANDOM NUMBER 
GENERATOR Y 



-378 



CREATE RANDOM 
NUMBER R(Y) AND 
Y VERIFICATION MESSAGE 



I 



SECURITY MANAGER Y 



-320 



ASSEMBLE R(Y),Y 
VERIFICATION MESSAGE, AND 
CERTIFICATE Y IN MESSAGE TO X 



I 



PUBLIC KEY Y 



-322 



ENCRYPTTHE MESSAGE WITH 
X'S PUBLIC KEY 

J ~ 



SESSION MANAGER Y 



-324 



SEND ENCRYPTED 
MESSAGE TO X 

t 



SESSION MANAGER X 



-326 



RECEIVE MESSAGE 



PUBLIC KEY X 



-328 



DECRYPT MESSAGE AND 
VERIFY Y'S CERTIFICATE 




Figure 9B 




336- 



SECURITY MANAGER X 



CHECK IF Y IS ON 
UNTRUSTED LIST 




340- 



GENERATORX 



CREATE RANDOM NUMBER 
R(X) AND X VERIFICATION 
MESSAGE 



342- 



D ATE/TIME X 



344- 



PASS CURRENT TIME TO 
SECURITY MANAGER 

I 



SECURITY MANAGER X 



346~ 



FORM SESSION KEY (TA/TA) 
R(X) XOR R(Y) AND ASSEMBLE 
X AND Y VERIFICATION MES- 
SAGES, DATE/TIME, AND R(X) 
IN A MESSAGE 

I 



PUBLIC KEY X 



348- 



ENCRYPT THE MESSAGE WITH 
Y'S PUBLI C KEY 

i 



SESSION MANAGER X 



350- SESSION MANAGER Y 



SEND ENCRYPTED 
MESSAGE TOY 



RECEIVE MESSAGE 
I . 




YES 




SESSION MANAGER X 


► 


NOTE SESSION TERMINATED 






AND SEND MESSAGE 






TRANSACTION DENIED TO Y 









-332 



SESSION MANAGER Y -334 



NOTE SESSION 
TERMINATED 



(^END^) 



Figure 9C 





352- 



PUBL1C KEY Y 



DECRYPT MESSAGE 
I 



354- 



SECURITY MANAGER Y 



CHECK Y VERIFICATION 
MESSAGE ' 




358- 



SESSION MANAGER Y 



NOTE START OF SESSION 



360- 



SECURITY MANAGER Y 



362- 



FORM SESSION KEY (TA/TA) 
R(X) XOR R(Y) 



DATE/TIME Y 



364- 



SEND CURRENT DATE/TIME TO 
SECURITY MA NAGER 

t 



SECURITY MANAGER Y 



366- 



ASSEMBLE ACKNOWLEDGE- 
MENT, X VERIFICATION 
MESSAGE, ANDY'S DATE/ 
TIME IN A MESSAGE TO X 

I 



SEND MESSAGE 

Y->X " 



T 



368- 



SECURITY MANAGER X 



RECEIVE ACKNOWLEDGE- 
MENT, X VERIFICATION 
MESSAGE, AND Y'S DATE/TIME 



Figure 9D 



□ 
y 

yi 
03 




370- 



SECUR1TY MANAGER X 



CHECK X VERIFICATION 
MESSAGE 




374- 



SESSION MANAGER X 



NOTE START OF SESSION 




□ 

iil 
m 

*I3 



F/gure 9£ 



SYMMETRIC KEY X 



ENCRYPT MESSAGE WITH 
SESSION KEY (TA/ TA) 



■376 



MESSAGE INTERFACE X 



-378 



FORMAT MESSAGE AND SEND 
TO HOST MESSAGE MANAGER 



HOST MESSAGE 
MANAGER X 



-380 



ROUTE MESSAGE TO 
• COMMUNICATIONS 



HOST MESSAGE 
MANAGER Y 



-382 



RECEIVE MESSAGE AND SEND 
TO MESSAGE INT ERFACE Y 

t 



MESSAGE INTERFACE Y -384 



STRIP OUT TH E MESSAGE 
t 



SYMMETRIC KEY Y -386 



DECRYPT MESSAGE WITH 
SESSION KEY (TA/TA) 



(^r^rn) 



Figure 10 




ABORT X 


-388 


t 




SESSION MANAGER X 


-390 


SEND MESSAGE 
TRANSACTION ABORTED 




t 




SEND MESSAGE 


-392 


X->Y 




t 




SESSION MANAGER Y 


-394 


RECEIVE MESSAGE 




i 




ABORT Y 


-396 



RETURN 



Figure 1 1 



BUYER TRANSACTION 
APPLICATION (BTA) OF 
CUSTOMER TRANSACTION 
DEVICE CONNECTS TO 
MERCHANT SERVER (MS) 



T 



-398 



CUSTOMER CHOOSES 
MERCHANDISE 



T 



-400 



BTA SENDS MS IDENTITY OF 
MERCHANDISE TO PURCHASE 



-402 



BTA SENDS MESSAGE 
TO TRUSTED AGENT A OF 
CUSTOMER TRANSACTION 
DEVICE TO BUY WITH IDENTITY 
OF MERCHANDISE 



406 

I 



MS SENDS MESSAGE TO 
TRUSTED AGENT B OF 
MERCHANT TRANSACTION 
DEVICE TO SELL WITH IDENTITY 
OF MERCHANDISE 



ESTABLISH SESSION 

A-> B 

t 



-408 



& 



CHECK CREDENTIAL 

A->B 



■410 



PURCHASE B 



-412 



REQUEST MERCHANDISE 

FROM 
MERCHANDISE SERVER 

J. 



MERCHANDISE SERVER -414 



RETRIEVE MERCHANDISE AND 
SEND TO B 



PURCHASE B 



-416 



RECEIVE MERCHANDISE AND 
VALIDATE IDENTITY 



Figure 12 A 



424- 




ABORT TRANSACTION 

B->A 



426~ 



PURCHASE A 



SEND MESSAGE TO HOST 
TRANSACTION APPLICATION 
REQUESTING PAYMENT 
METHOD 




END 



430- 



434- 




AUTHORIZATION-BASED 
PAYMENT/REFUND 

A-> B 



-432 



Figure 12B 



120 



120 



O 

y 
l.fc 

•p 

w 

03 

Si 

□ 
Ul 
!== 




436 



-6 




6- 



Money 
Module 



Figure 13 



PURCHASE X 



REQUEST CREDENTIAL FROM Y 
——J— 



SEND MESSAGE 

X->Y 



■444 



•446 



PURCHASE Y 



-448 



RECEIVE MESSAGE 



TICKET HOLDER Y 



-450 



RETRIEVE CREDENTIAL AND 
SEND TO X 



SEND MESSAGE 

Y->X 



-452 



SECURITY MANAGER X 



-454 



VALIDATE CREDENTIAL 



456 





458 

_j 



ABORT TRANSACTION 

X->Y 



TO HOST X 



-460 



SEND CREDENTIAL 
INFORMATION TO HTA FOR 
CONFIRMATION 

? 

462 T 




END 




Figure 14 



464- 



PURCHASE B 



CHECK IF MERCHANDISE IS 
ONLY A TICKET 



466 




NO 




RANDOM NUMBER 


te> 


GENERATOR B 




CREATE RANDOM KEY 



468~. 



TICKET HOLDER B 



CREATE TICKET 



± 



470- . 



PURCHASE B 



SEND TICKET TO A 
t 



472- 



SEND MESSAGE 

B->A 
t 



474- 



PURCHASEA 



RECEIVE MESSAGE AND CHECK 
IF TICKET IS CORRECT 



NO 



486- 




PURCHASE A 



SEND TICKET INFORMATION 
TO HOST TRANSACTION 
APPLICATION FOR PURCHASER 
CONFIRMATION 



-494 



SYMMETRIC KEY B 



-496 



ENCRYPT ELECTRONIC OBJECT 
(EO) WITH RANDOM KEY 

— i 



PUBLIC KEY B 



-498 



SIGN THE ENCRYPTED EO 



I 



TICKET HOLDER B 



-500 



CREATE DECRYPTION TICKET 
CONTAINING OBJECT IDENTIFIER, 
RANDOM KEY, PRICE, SIGNATURE, 
ISSUER CERTIFICATE, ETC 



PURCHASE B 



-502 



SEND ENCRYPTED OBJECT 
AND DECRYPTION TICKET TO A 

f 



SEND MESSAGE 

. B->A 



T 



PURCHASE A 



RECEIVE MESSAGE AND 
PASS ENCRYPTED EO TO HOST 
AND RETAIN HEADER 
INFORMATION 



■504 



506 



PUBLIC KEY A 



-508 



VERIFY ENCRYPTED EO 
SIGNATURE 



Figure 15 A 




572- 



SYMMETRIC KEY A 



DECRYPT HEADER WITH 
RANDOM KEY 



1 



574" 



PURCHASE A 



CHECK IDENTITY OF EO AND 
DECRYPTION TICKET 




578- 



(•> 



PURCHASE A 



SEND DECRYPTED HEADER AND 
PRICE TO HOST TRANSACTION 
APPLICATION FOR PURCHASER 
CONFIRMATION - 



488 




CONFIRM? 

YES 



490- 



PURCHASE A 



SEND TICKET TO TICKET HOLDER 



492~ 



I 



TICKET HOLDER A 



RECEIVE TICKET 




RETURN 




PURCHASE A 



-478 



PURCHASE TRANSACTION? 



480 




ABORT TRANSACTION 

A->B 




END 



Figure 15B 



RANDOM NUMBER 
GENERATOR X 



-520 



CREATE RANDOM R(1) 
1 



PURCHASE X 



-522 



SEND MESSAGE MONEY 
MODULE PAYMENT AND R(1) 



T 



SEND MESSAGE 

X->Y 

T 



-524 



PURCHASE Y 



-526 



□ 



RECEIVE MESSAGE 



SECURITY MANAGER Y -528 



RECEIVE R(1) 
t 



Ml 



RANDOM NUMBER 
GENERATOR Y 



-530 



CREATE RANDOM R(2) AND 
SEND TO X 



SEND MESSAGE 

Y->X 



■532 



534- 



SECURITY MANAGER X 



RECEIVE R(2), FORM SESSION 
KEY (TA/MM) R(1) XOR R(2) 



SECURITY MANAGER Y 



-536 



FORM SESSION KEY (TA/MM) 
R(1)XORR(2) 



Figure 16A 




538- 



10 MONEY MODULE X 



SEND "MAKE PAYMENT" AND 
R(1) TO MONEY MODULE X 



T 




TO MONEY MODULE Y 



SEND 'RECEIVE PAYMENT* AND 
R(2) TO MONEY MODULE Y 



T 



■540 



542- 



MONEY MODULE X 



RECEIVE "MAKE PAYMENT" 
AND R(1) 



MONEY MODULE Y 



-544 



RECEIVE "RECEIVE PAYMENT" 
AND R(2) 



ESTABLISH SESSION 
MONEY MODULES 

MM X -> MM Y 
VIA SESSION OF TRUSTED 
AGENTS X ANDY 

I ~ 



-546 



MM MAINTAIN SECURITY X 



SEND R(1) TOMMY 
- i 



SEND ROUTED MESSAGE 

MMX-> MM Y 



■548 



■550 



1 



MM MAINTAIN SECURITY Y 



-552 



FORM R(1)XOR R(2) SESSION 
KEY (TA/MM) AND SEND 
R(2)TOMMX 

I 



SEND ROUTED MESSAGE 

MM Y-> MMX 
t 



-554 



MM MAINTAIN SECURITY X 



-556 



FORMR(1)XOR R(2) 
SESSION KEY (TA/MM) 

T 



Figure 16B 




558- 



MM TO SUBSCRIBER X 



PROMPT FOR AMOUNT OF 
PAYMENT BY TYPE OF NOTE 



± 



560- 



SEND MM/TA MESSAGE X 



562" 



PURCHASE X 



SEND AMOUNT BY TYPE OF 
NOTE TO MONEY M ODULE 

t 



© 



564- 



SEND TA/MM MESSAGE X 



566- 



MM PAY/EXHANGE X 



RECEIVE AMOUNT BY 
TYPE OF NOTE 

1 



568- 



MM NOTE DIRECTORY X 



CHECK SUFFICIENT FUNDS 




600- 



MM PAY/EXCHANGE X 



602- 



SEND MESSAGE OF AMOUNT 
BY TYPE OF NOTE TOMMY 



SEND E-ROUTED MESSAGE 

MMX -> MM Y 
I 



604- 



MM TO SUBSCRIBER Y 



PROMPT TO VERIFY 
AMOUNT BY 
TYPE OF NOTE 




MM TO SUBSCRIBER X -572 



PROMPT FOR NEW 
AMOUNT BY TYPE OF NOTE 



T 



SEND MM/TA MESSAGE X\-574 



PURCHASE X 



-576 



SEND MESSAGE FOR 
SAME AMOUNT BY 
TYPE OF NOTE 

T 




MM ABORT TRANSACTION 

MMX-> MM Y 
(E-ROUTED MESSAGES) 



7 




-582 



Figure 16C 




606- SEND MM/TA MESSAGE Y 



608- 



PURCHASE Y 



VERIFY IF AMOUNT IS CORRECT 




672 
_I 



PURCHASE Y 



SEND MESSAGE 
CORRECT AMOUNT 



674- 



PURCHASEY 



SEND MESSAGE 
INCORRECT AMOUNT 



616-] SEND TA/MM MESSAGE Y 

T 



678 




620 

_L 



NO 


MM PAY/EXCHANGE Y 


SEND MESSAGE 
AMOUNT BY TYPE 
OF NOTE INCORRECT 


> ► 



624- 



MM PAY/EXCHANGE Y 



SEND ACKNOWLEDGEMENT 



626~ 



T 



SEND E-ROUTED MESSAGE 



MM Y -> MMX 
1 



SEND E-ROUTED MESSAGE 



MM Y-> MMX 



628- 



I 



622 



MM PAY/EXCHANGE X 



RECEIVE ACKNOWLEDGEMENT, 
PASS AMOUNT TO 
MONEY HOLDER 



~3Z 



Figure 16D 




MM TRANSFER NOTES 

MMX-> MM Y 
(E-ROUTED MESSAGES) 




T 



-630 



MM COMMIT 

MM Y-> MM X 
(E-ROUTED MESSAGES) 



-632 




5 84-\ SEND MM/TA MESSAGE X 



SEND MM/TA MESSAGE Y S86 



588- SESSION MANAGER X 



CHECK IF PAYMENT 
SUCCESSFUL 



596 
J 



ABORT X 




SESSION MANAGER Y -590 



CHECK IF PAYMENT 
SUCCESSFUL 



634- 



TICKET HOLDER X 



UPDATE TICKET WITH 
PAYMENT INFOR MATION 

- V 



636- 



COMMITX 





RETURN 



Figure 16E 



MM SYMMETRIC KEYX 



-640 



ENCRYPT MESSAGE WITH 
SESSION KEY (MM/MM) 

I 



MM SESSION MANAGER X 



-642 



SEND MESSAGE TO HOST 
MESSAGE MANAGER X 



HOST MESSAGE MANAGER X 



SEND MESSAGE TO MESSAGE 
INTERFACE X 

i 



■644 



MESSAGE INTERFACE X 



-646 



SEND MESSAGE TO MESSAGE 
INTERFACE Y 

I 



SEND MESSAGE 

X->Y 

t 



-648 



MESSAGE INTERFACE Y 



SEND MESSAGE TO HOST 
MESSAGE MANAGER Y 



T 



650 



HOST MESSAGE MANAGER Y -652 



SEND MESSAGE TO MONEY 
MODULE Y 



MM SESSION MANAGER Y 



RECEIVE MESSAGE 



I 



MM SYMMETRIC KEY Y 



DECRYPT MESSAGE WITH 
SESSION KEY (MM/MM) 



( Return ) 



654 



■656 



Figure 17 



* 



MM SYMMETRIC KEY X 


■658 


ENCRYPT WITH 
SESSION KEY (TA/MM) 








MM SESSION MANAGER X 


r660 


SEND MESSAGE TO HOST 




t 




HOST MESSAGE 
MANAGER X 


-662 


SEND MESSAGE TO MESSAGE 
INTERFACE X 




* 




MESSAGE INTERFACE X 


-664 


RECEIVE MESSAGE 




I 


SYMMETRIC KEY X 


-666 


DECRYPT WITH SESSION KEY 
(TA/MM) 





♦ 



RETURN 



Figure 18 



• 



SYMMETRIC KEY X 


-668 


ENCRYPT WITH SESSION KEY 
(TA/MM) 




t 




MESSAGE INTERFACE X 


-670 


SEND MESSAGE TO HOST 




t 




HOST MESSAGE 
MANAGER X 


-672 


SEND MESSAGE TO MM 
SESSION MANAGER X 








MM SESSION MANAGER X 


-674 


RECEIVE MESSAGE 




1 




MM SYMMETRIC KEY X 


-676 


DECRYPT WITH SESSION KEY 
(TA/MM) 





T 



RETURN 



Figure 19 



# 



MM SYMMETRIC KEY X 


-678 


ENCRYPT MESSAGE WITH 
^F^ION KFY (MfrA/MbA) 

JL-JJIV-ZIN l\t_ 1 \IYIIVl/ IV1IVI/ 




+ 




SEND MM/TA MESSAGE X 


-680 






MESSAGE INTERFACE X 


-682 


SEND MESSAGE TO MESSAGE 
INTERFACE Y 




I 




SEND MESSAGE 

X -> Y ' 


-684 


t 




MESSAGE INTERFACE Y 


-686 


RECEIVE MESSAGE 








SEND TA/MM MESSAGE Y 


-688 


1 




MM SYMMETRIC KEY Y 


-690 


DECRYPT MESSAGE WITH 
SESSION KEY (MM/MM) 





1 



RETURN 



Figure 20 



692- 



TICKET HOLDER X 



RETRIEVE CREDIT CARD OR 
DEBIT CARD CREDENTIAL 



694- 



PURCHASE X 



SEND MESSAGE: CREDENTIAL 
PAYMENT AND CREDE NTIAL 



696- 



698- 



SEND MESSAGE 

X->Y 



PURCHASE Y 



VALIDATE CREDENTIAL 



700 





ABORT TRANSACTION 

Y->X 



704- 



726- 



TO HOSTY 



SEND MESSAGE WITH 
AMOUNT AND CREDENTIAL 
FOR REFUND 



Figure 21 A 



• 




CARD AUTHORIZATION 
PROCESS 




-728 



PURCHASE Y 



-730 



CHECK IF REFUND AUTHORIZED 



TO HOST Y 



SEND PRICE AND CREDENTIAL 
TO CARD AUTHORIZATION 
NETWORK FOR PAYMENT 
AUTHORIZATION 




708 



CARD AUTHORIZATION 
PROCESS 



PURCHASE Y 



-734 



SEND MESSAGE REFUND 
AUTHORIZED 



~T~ 



i 



770 



PURCHASE Y 



-772 



CHECK IF PAYMENT 
AUTHORIZED 




& 



PURCHASE Y 



-776 



SEND MESSAGE PAYMENT 
AUTHORIZED 



SEND MESSAGE 

Y->X 



778 



722 

I 



720- 



COMMITY 



(r^rn) 



TICKET HOLDER X 



724- 



UPDATE TICKET WITH 
PAYMENT/REFUND 
INFORM ATION 



COMMIT X 



I 

RETURN 




Figure 21 B 



1 



736-. 



PURCHASE A 



CHECK IF MERCHANDISE IS EO 




NO 



740- 



TICKET HOLDER A 



SEND DECRYPTION KEY AND EO 
IDENTIFIER TO HTA 



742- 



HTA 



RECEIVE DECRYPTION KEY 
AND EO IDENTIFIER FOR 
DECRYPTION OF EO 




END 



744 




746- 



TICKET HOLDER A 



748- 



SEND DECRYPTION KEY TO HTA 



HTA 



RECEIVE DECRYPTION KEY FOR 
DECRYPTION OF COMMUNICATION 




END 



Figure 22 



OWNER OF CUSTOMER 
TRUSTED AGENT A WANTS TO 
RECEIVE SERVICE FROM 
OWNER OF MERCHANT 
TRUSTED AGENT B 



I 



-750 



HOST TRANSACTION 
APPLICATION A (HTA) 

CONNECTS TO 
HOST TRANSACTION 
APPLICATION B (HTB) 



-752 



754- 



HTA 



SEND MESSAGE TO TRUSTED 
AGENT A TO PRESENT TICKET 




HTB 



-756 



SEND MESSAGE TO TRUSTED 
AGENT B TO RECEIVE TICKET 




© 





ESTABLISH SESSION 


H *~ 


A->B 


i 




CHECK CREDENTIAL 

A->B 


i 




TICKET HOLDER A 




REQUEST TICKET ID FROM 
HOST AND PRESENT LIST 






TO HOST A 




SEND MESSAGE TO HTA WITH 
TICKET LIST IN ORDER TO 
CHOOSE TICKET 






HTA 




SEND TICKET ID TO TRUSTED 
AGENT A 






TO HOST A 




RECEIVE MESSAGE 




Figure 23 A 



758 



'760 



-762 



-764 



■766 



-768 




770- 



TICKET HOLDER A 



RETRIEVE TICKET AND 
CHECK IF ACTIVE 




778- 



PRESENT TICKET A 



SEND COPY OF TICKE T TO B 
T 



780- 



SEND MESSAGE 

A-->B 



782- 



RECEIVE TICKET B 



RECEIVE TICKET AND CHECK IF 
VALID AND ACTIVE 




788- 



TO HOST B 



790- 



NOTIFY HTB TO DELIVER SER- 
VICE TO HTA AND VALUE OF 
A'S TICKET 

+ 



RECEIVE TICKET B 



SEND MESSAGE TO A THAT 
TICKET IS IN USE 



792- 



SEND MESSAGE 

B -> A 



5> 



774 
_J 



TO HOST A 



SEND MESSAGE 
TICKET INACTIVE 



776 
_J 



ABORT TRANSACTION 

A->B 




END. 



786 

_! 



ABORT TRANSACTION 

B-> A 



(^END^) 



Figure 23B 




-794 





TICKET HOLDER A 




MARK TICKET IN USE 




) 




HTA INTERACTS WITH HTB 



-796 



872- 



HTA 

CHECK IF OWNER OF HTA HAS 
COMPLETED TRANSACTION 




HTB 

CHECK IF TICKET 
VALUE IS ZERO 



-798 



HTA 



SEND MESSAGE TO HTB 
TRANSACTION COMPLETE 

t 



■876 




YES 



HTB 



-878 



SEND MESSAGE TO B 
TRANSACTION COMPLETE AND 
VALUE OF TRANSACTION 



I 



COMMIT TICKET 

B->A 

^END^ ) 



-820 



Figure 23C 



• 




HTB 



-802 



NOTIFY HTA OF 
INSUFFICIENT VALUE AND 
SEND MESSAGE TO TRUSTED 
AGENT B THAT TICKET 
IS VALUELESS 



I 



COMMIT TICKET 

B->A 



HTA 




-804 



-806 



INQUIRE IF CUSTOMER 
WISHES TO CONTINUE 



870 



YES 



PURCHASE OF 
ELECTRONIC MERCHANDISE 



Figure 23D 



RECEIVE TICKET B 


■822 


SEND NEW VALUE TO A 




1 




SEND MESSAGE 

B-> A 


-824 


t 




PRESENT TICKET A 


-826 


RECEIVE MESSAGE 




1 




TICKET HOLDER A 


-828 


MARK TICKET NOT IN USE, 




UPDATE VALUE 








COMMIT A 


-830 


t 




SESSION MANAGER A 


-832 


SEND MESSAGE TO B THAT 




TICKET IS UPDATED 




♦ 


COMMIT B 


-834 




Figure 24 



OWNER OF TRUSTED AGENT A 
WANTS TO TRANSFER TICKETS 
TO TRUSTED AGENT B 



I 



840- 



HOST TRANSACTION 
APPLICATION A (HTA) 

CONNECTS TO 
HOST TRANSACTION 
APPLICATION B (HTB) 



HTA 



SEND MESSAGE TO TRUSTED 
AGENT A TO TRANSFER TICKETS 



-836 



-838 



HTB 



-842 



SEND MESSAGE TO TRUSTED 
AGENT B TO RECEIVE TICKETS 



ESTABLISH SESSION 

A->B 



-844 



TO HOST A 



-846 



SEND MESSAGE TO HOST 
REQUESTING CREDENTIAL 
CHECK 

t 



HTA 



-848 



REQUEST OWNER WHETHER 
TO CHECK CREDENTIAL 



I 



TO HOST A 



-850 



RECEIVE REPLY 



856- 




YES 



854 

_| 



CHECK CREDENTIAL 

. A -> B 



TICKET HOLDER A 



REQUEST TICKET ID'S FROM 
HOST AND PRESENT LIST 



0 



Figure 25 A 




TO HOST A 



-858 



SEND MESSAGE TO HTA WITH 
TICKET LIST IN ORDER TO 
CHOOSE TICKETS 



HTA 



SEND TICKET ID'S TO 
TRUSTED AGE NT A 

t 



TO HOST A 



RECEIVE MES SAGE 



TICKET HOLDER A 



RETREIV E TICKETS 
t 



PUBLIC KEY A 



SIGN OVER TICKETS TO B 



TICKET HOLDER A 



SEND TICKETS TO B 



SEND MESSAGE 

A->B 



RECEIVE TICKET B 



RECEIVE TICKETS 
* 



PUBLIC KEY B 



VALIDATE TICKETS 




-860 



-862 



-864 



-866 



-868 



870 



-872 



-874 



878 



NO 


ABORT TRANSACTION 


> »» 


B-> A 




END 



Figure 25B 




TICKET HOLDER B 



-880 



STORE TICKETS AND SEND 
ACKNOWLEDGEMENT TO A 



I 



SEND MESSAGE 

B-->A 



■882 



TICKET HOLDER A 



RECEIVE ACKNOWLEDGEMENT 
AND SEND MESSAGE TO. B 
THAT TICKETS ARE DELETED 



■884 



SEND MESSAGE 

A->B 



-886 



888- 



COMMIT A 




END 



TICKET HOLDER B 



-890 



RECEIVE MESSAGE 



COMMIT B 

"^NcT^ 



■892 



Figure 25C 



OWNER OF TRUSTED AGENT A 
DECIDES TO ACQUIRE 
CREDENTIAL FROM 
IDENTIFICATION AUTHORITY 



I 



■894 



OWNER OF A PRESENTS 

PROOF OF IDENTITY 
TO REPRESENTATIVE OF 
IDENTIFICATION AUTHORITY 



X 



-896 



REPRESENTATIVE ENTERS INFOR- 
MATION ON HOST TRANSAC- , ono 
TION APPLICATION B (HTB) OF \ 898 
AUTHORITY TRUSTED AGENT 



900- 



OWNER OF A INSTRUCTS HOST 
TRANSACTION APPLICATION 
(HTA) TO ACQUIRE CREDENTIAL 



902- 



I 



HTA 



SEND MESSAGE TO AGENT A 
TO ACQUIRE CREDENTIAL 



HTB 



-904 



SEND MESSAGE TO AGENT B 
TO CREATE CREDENTIAL 



ESTABLISH SESSION 

B-> A 
t 



-906 



TO HOST B 



-908 



NOTIFY HTB THAT 
SESSION- IS ESTABLISHED 



T 



HTB 



-970 



SEND CREDENTIAL 
INFORMATIO N TO AGENT B 

» 



CREATE CREDENTIAL B 



CONSTRUCT CREDENTIAL 
INFORMATION 



912 



DELIVER CREDENTIAL "974 



(^entT^ 



Figure 26 



# 



PUBLIC KEYB 



-976 



SIGN CREDENTIAL 
INFORMATION AND SEND TO 
CREATE CREDENTIAL B 



CREATE CREDENTIAL B -978 



ASSEMBLE CREDENTIAL 
CONTAINING CREDENTIAL 
INFORMATION, SIGNATURE, 

AND CERTIFICATE. SEND 
CREDENTIAL AND PAYMENT 
AMOUNT (IF REQUIRED) TO A 



SEND MESSAGE 

B-> A 
t 



-920 



PUBLIC KEY A 



VERIFY CREDENTIAL 




922 




926 



ABORT TRANSACTION 

A->B 



928~ 



TO HOST A 



SEND CREDENTIAL 
INORMATION AND PAYMENT 
AMOUNT (IF REQUIRED) TO 

HTA TO CONFIRM 



(^END^) 




Figure 27 A 



932- 



TICKET HOLDER A 



RECEIVE CREDENTIAL AND 
CHECK IF PAYMENT REQUIRED 




936- 



COMMITA 



t 



938- 



SESSION MANAGER A 



SEND MESSAGE TO B THAT 
CREDENTIAL IS ACCEPTED 



940- 



SEND MESSAGE 

A->B 
~ f 



942~ 



COMMIT B 



944- 



CREATE CREDENTIAL B 



946- 



NOTIFY«HTBTHAT 
CREDENTIAL IS ACCEPTED 



HTB 



SEND CREDENTIAL 
INFORMATION TO 
AUTHORITY SERVER 



948 



TO HOST A 



REQUEST PAYMENT METHOD 




952 



954- 



AUTHORIZATION-BASED 
PAYMENT/REFUND 

A->B 



T 



MONEY MODULE 


PAYMENT 


A 


->B 


EXIT 




EXIT 


B 




A 




RETURN 




Figure 27B 



OWNER OF TRUSTED AGENT 
A DECIDES TO 
REVALIDATE CREDENTIAL 



-956 



HOST TRANSACTION 
APPLICATIONA (HTA) 
CONNECTS TO HOST 
TRANSACTION APPLICATION 
B (HTB) 



-958 



960- 



HTA 



SEND MESSAGE TO TRUSTED 
AGENT A TO 
REVALIDATE CREDENTIAL 



HTB 



SEND MESSAGE TO TRUSTED 
AGENT B TO RECEIVE 
CREDENTIAL FOR REVALIDATION 



962 



ESTABLISH SESSION 

A -> B 



-964 



CHECK CREDENTIAL 

A-> B 



-966 



ACQUIRE CREDENTIAL A 



-968 



REQUEST CREDENTIAL FROM 
TICKET HOLDER A 



TICKET HOLDER A 



SEND CREDE NTIAL TO B 
t 



970 



SEND MESSAGE 

A->B 



-972 



CREATE CREDENTIAL B 



-974 



CHECK IF CREDENTIAL 
IS VALID 




978 

_J 



ABORT TRANSACTION 

B->A 



Figure 28A 




980- 



CREATE CREDENTIAL B 



CHECK IF CREDENTIAL 
SHOULD BE REVALIDATED 
IN PERSON 




984 



NO 


CREATE CREDENTIAL B 


UPDATE CREDENTIAL 
INFORMATION 


> > 



988- 



CREATE CREDENTIAL B 



SEND MESSAGE TO 
REVALIDATE IN PERSON 

I 



986- 



E 



990- 



SEND MESSAGE 

B->A 
T 



DELIVER CREDENTIAL 

I 

END 




992" 



ACQUIRE CREDENTIAL A 



RECEIVE MESSAGE 
t 



994- 



COMMITA 



996- 



SESSION MANAGER A 



SEND ACKNOWLEDGEMENT 



998- 



SEND MESSAGE 

A->B 



7000- 



± 



COMMIT B 
T 

END 




Figure 28B 



THE OWNER OF TRUSTED 
AGENT A DECIDES TO MAKE 
IDENTITY-BASED MONEY 
MODULE PAYMENT TO 
OWNER OF TRUSTED AGENT B 



-7002 



HOST TRANSACTION 
APPLICATION A (HTA) 
CONNECTS TO HOST 

TRANSACTION 
APPLICATION B (HTB) 



-7004 



7006- 



HTA SENDS MESSAGE TO 
AGENT A TO PAY 




HTB SENDS MESSAGE TO 
AGENT B TO RECEIVE PAYMENT 




-7008 



ESTABLISH SESSION 

A->B 



-7070 



CHECK CREDENTIAL 

A->B 

t 



-7072 



PURCHASE A 



-7074 



SEND MESSAGE "DOES B 
REQUIRE A'S CREDENTIAL" 

z 



SEND MESSAGE 

A->B 

i 



-1016 



TO HOST B 



SEND MESSAGE TO HTB: 
"REQUIRE A'S CREDENTIAL?' 



7078 




7022 



CHECK CREDENTIAL 

B-> A 



Figure 29A 




PURCHASE B 



-1024 



SEND MESSAGE CREDENTIAL 
NOT REQUIRED 



T 



SEND MESSAGE 

B->A 



-1026 



PURCHASE A 



-7028 



SEND REMITTANCE ADVICE 
(IF REQUIRED) OR AMOUNT TO 
BE PAID TO B 



I 



SEND MESSAGE 

A->B 



-7030 



TO HOST B 



-7032 



SEND INFORMATION TO HTB 
FOR CONFIRMATION 




7036 

I 



ABORT TRANSACTION 

B->A 



PURCHASE B 



-7038 



SEND MESSAGE TO A THAT 
INFORMATION IS CONFIRMED 



(^END^ 



SEND MESSAGE 

. B -> A 

T 



-7040 



MONEY MODULE PAYMENT 

A->B 




-7042 



END 



Figure 29B 



OWNER OF TRUSTED AGENT A 
DECIDES TO RETURN 
ELECTRONIC MERCHANDISE 
TO THE MERCHANT OWNER 
OF TRUSTED AGENT B 



± 



HOST TRANSACTION 
APPLICATION A (HTA) 

CONNECTS TO 
HOST TRANSACTION 
APPLICATION B (HTB) 



-7044 



-7046 



7048" 



HTA SENDS MESSAGE TO A TO 
SEND DISPUTE 



HTB SENDS MESSAGE TO B TO 
RECEIVE DISPUTE 



-7050 



ESTABLISH SESSION 

A->B 



T 



-7052 



CHECK CREDENTIAL 

A->B 



-7054 



TRAN LOG A 



-7056 



SEND LOG TO HTA FOR 
CHOICE OF DISPUTE 



TO HOST A 



-7058 



SEND MESSAGE TO HTA 



OWNER CHOOSES 
TRANSACTION TO DISPUTE f-7060 
AND DESCRIBES PROBLEM 



I 



TO HOST A 



-7062 



RECEIVE DISPUTE INFORMATION 



I 



TICKET HOLDER A 



-7064 



SEND SELECTED TICKET TO 
INITIATE DISPUTE 



Figure 30A 




1066- 



INITIATE DISPUTE A 



DOES THE DISPUTE INVOLVE 
ANEO? 



7068 




1126 



YES 


INITIATE DISPUTE A 


' RETRIEVE EO IDENTIFIER 
FROM TICKET 





7070- 



INITIATE DISPUTE A 



SEND A COPY OF THE TICKET TO 
B WITH DISPUTE INFORMATION 



7 728- 



± 



TO HOST A 



SEND MESSAGE TO HTA 
"SEND EO" 



T 



7072" 



SEND MESSAGE 



A->B 



7 730- 



HTA 



SEND EO TO A 



7074- 



RESOLVE DISPUTE B 



RECEIVE MESSAGE 



7732- 



7076- 



± 



PURCHASE B 



VALIDATE TICKET INFORMATION 



NO 



7078 




± 



INITIATE DISPUTE A 



SEND A COPY OF TICKET 

AND EO TO B WITH 
DISPUTE INFORMATION 



7 734- 



SEND MESSAGE 

A~>B 



T 



7 736- 



7088- 



RESOLVE DISPUTE B 



SEND TICKET TO HTB WITH 
DISPUTE INFORMATION 

T 



RESOLVE DISPUTE B 



7 738- 



RECEIVE MESSAGE 



PURCHASE B 



7090- 



7094 



RESOLVE DISPUTE B 


YES 
«< < 


SEND MESSAGE 




DISPUTE DENIED 




t 






VALIDATE TICKET 
f 

<3> 



Figure 30B 



7740 



7 742- 




NO 



PURCHASE B 



7 746 

1 .._ 




RESOLVE DISPUTE B 


NO 


SEND MESSAGE EO 


-< < 


INVALID 





VALIDATE EO 



7744 



<3> 




7 748- 



SYMMETRIC KEY B 



7 750- 



DECRYPT EO AND SEND TO 
HTB FOR TESTING WITH 
DISPUTE INFORMATI ON 



HTB 



© 



7080 
J 




RESOLVE DISPUTE B 



SEND MESSAGE 
TICKET INVALID 



7082- 



SEND MESSAGE 

B->A 

r — 



7084- 



INITIATE DISPUTE A 



RECEIVE MESSAGE 



7086- 



COMMIT DISPUTE 




END 



DETERMINE IF EO DEFECTIVE 
BASED ON CUSTOMER 
COMPLAINT 



7 752 



7 754- 




YES 



RESOLVE DISPUTE B 



SEND MESSAGE EO 
NOT DEFECTIVE 



Figure 30C 




HTB 



-7096 



SEND MESSAGE TO HTA 
QUERYING CUSTOMER FOR 
RESOLUTION 



HTA 



CUSTOMER CHOOSES MONEY 
BACK OR NEW MERCHANDISE 



-7098 




Figure 30D 




PURCHASE B 



-1104 



REQUEST MERCHANDISE 
FROM MERCHANDI SE SERVER 

i 



MERCHANDISE SERVER 



-7 706 



RETRIEVE MERCHANDISE 
■ % AND SEND TO B 



PURCHASE B 



-7 708 



RECEIVE MERCHANDISE 
AND VALIDATE IDENTITY 



77 70 




7 720- 



DELIVER MERCHANDISE 



7722- 



T 



OPEN MERCHANDISE 



7724- COMMIT DISPUTE 




END 




RESOLVE DISPUTE B -7 7 74 



SEND MESSAGE 
MERCHANDISE UNAVAILABLE 



T 



SEND MESSAGE 

B-> A 



-7 7 76 



PAY DISPUTE 




-7 7 78 



END 



Figure 30E 



COMMIT A 


-J 


i 




SESSION MANAGER A 




C C K \ r\ 1 AC C~ C A f~~ T~ TV"\ OVA /IT1 1 

SEND MESSAGE TO B WITH 
ACKNOWLEDGEMENT 




t 




SEND MESSAGE 




A -> B 




+ 




SESSION MANAGER B 




RECEIVE MESSAGE 




t 




COMMIT B 





7 760 
7 762 




Figure 3 1 



# 



7 776 

_1 



PURCHASE B 



SEND MESSAGE TO A WITH 
REFUND AMOUNT 



SEND MESSAGE 

B- >A 



INITIATE DISPUTE A 



-7 766 



SEND MESSAGE REQUEST 
MONEY BACK TO B 



I 



SEND MESSAGE 

A->B 



■7 768 



RESOLVE DISPUTE B 



-7 770 



RECEIVE MESSAGE, CHECK A'S 
PAYMENT METHOD 




YES 



7 774 



MONEY MODULE PAYMENT 

B -> A 




RETURN 



AUTHORIZATION-BASED 
PAYMENT/REFUND 

A->B 



(r eturn ^) 



-7 780 



Figure 32 



• 



1186 

_j 



Transaction 
Money 
Module 




-1182 



Certificate (SS) 



1184 



Certificate (M) 



1188 
i 



Teller 

Money 

Module 



1190 
__L 



Money 
Generator 
Module 



u 1192 

I 

Customer 
Service 
Module 



Figure 33 A 



1182 
i 


Security Network Encryption Key 




1184 
1 


Primary 
Security 
Server 


SS, M Public Key Lengths 


— »- 


Security 
Server 


Bad ID List 


— ► 


Primarv <U»riiritv Sprvpr PK List 


4 




— Global Recertification — - — 



Figure 33B 




Module 
Manufacturing LAN 




7202 



1204 



1184 

_| 



Security 
Server 





Security 
Network 







Security 
Server 







-1184 



1200 



Transaction 
Money 
Module * 



Customer 
Service 
Module 



-1192 




Security Server 
Manufacturing LAN. 




Primary 
Security 
Server 



T 



-1182 



Security 
LAN 




7 794 





Money 




1 — 


Generator 


-7790 




Module 





-7 788 



7 782 



Figure 34 



7208 



EXTERNAL INTERFACE 








SESSION MANAGER 






1210 


NETWORK 
SIGN-ON 


CREATE 
CERTIFICATE 


CREATE 
ACCOUNT 
PROFILE 


DISTRIBUTE 
CERTIFICATORY 
KEYS 


CONTROL 
BAD ID LIST 


SYNCHRONIZE 
DATE/TIME 


7272 




7274 


7276 




1218 




7220 


7222 












CRYPTOGRAPHY 




7226 


CLOCK/TIMER 


PUBLIC KEY 


SYMMETRIC KEY 


RANDOM NUMBER 
GENERATOR 



T 



7224 

Figure 35 A 



1228 



EXTERNAL INTERFACE 




COMMUNICATION SESSION MANAGER 


7230 






DIRECT TO * 

BANK 
SERVICES 


CRYPTOGRAPHY U38 


NETWORK 
SIGN-ON 


ROUTE MESSAGE 


SYMMETRIC KEY 


RANDOM 
NUMBER 
GENERATOR 


1 

7232 


1 

7234 


1 

7236 


1 

7240 


I 

7242 



Figure 35B 



m 



(d) 



7243 

J 



(a) 



(b) 



Money 
Module 



(i) 



(g) 



(h) 



(J) 



1 



1206 
_J . 



Network 
Server 



(c) 





(e), (f) 








Network 
Server 


-7206 



7200 




-7788 



7 784 

_| 



Security 
Server 



Figure 36 



COMMUNICATIONS A 


1244 


CCTADi ICI_I f~r\k Ak At IMI/"*A 

TIONK WITH NFTWORK 




^ 




T 




MAINTAIN SECURITY A 

If! #» 1 ■ V ■ «% 1 1 « *# mm \f III 1 I «» 




SEND CERTIFICATE TO 

NETWORK' ^PR\/PR 




t 




NS NETWORK SIGN-ON - 


■1248 


RECEIVE CERTIFICATE 




i 




NS RANDOM NUMBER 
GENERATOR 


-1250 


GENERATE RANDOM KEY K 
AND RANDOM VERlrlLAIION 
NUMBER V 




t 




NS SYMMETRIC KEY 


-1252 


ENCRYPT CERTIFICATE, K AND 
V WITH NS/SS KEY 




t 




NS NETWORK SIGN-ON 


-1254 


SEND (ENCRYPTED) 
CERTIFICATE, K AND V TO 
SECURITY SERVER 




V- 


SS NETWORK S.IGN-ON 


-1256 


RECEIVE MESSAGE 




1 


SS SYMMETRIC KEY 


-1258 


DECRYPT MESSAGE 






SS NETWORK SIGN-ON 


-1260 


STORE K.V AND SEND 
CERTIFICATE FOR VALIDATION 


1 



— x — 

Figure 37 A 




7262- 



SS PUBLIC KEY 



VALIDATE CERTIFICATE 




7286" 



SS CONTROL BAD ID LIST 



CHECK IF ID IS ON 
BAD ID LIST 



7288 




YES 



7290- 



SS RANDOM NUMBER 
GENERATOR 



7292" 



CREATE RANDOM NUMBER R 
AND VERIFICATION MESSAGE 

t 



SS NETWORK SIGN-ON 



ASSEMBLE R, VERIFICATION 
MESSAGE AND SECURITY 
SERVER CERTIFICATE 
IN A MESSAGE 



I 



7294- 



SS PUBLIC KEY 



ENCRYPT THE MESSAGE WITH 
A'S PUBLIC KEY AND 
SEND TO A 



73T 



Figure 37B 



7296 

J 




PUBLIC KEY A 



DECRYPT MESSAGE AND 
VALIDATE SECURITY SERVER'S 
CERTIFICATE 





MAINTAIN SECURITY A 



CHECK IF SECURITY SERVER ID 
IS ON THE BAD ID LIST 



7370 



7372 




YES 



SESSION MANAGER A - 7300 



NOTE SESSION TERMINATED 




7306 



SEND MESSAGE 
TRANSACTION TERMINATED 



RANDOM NUMBER 
GENERATOR A 



CREATE RANDOM NUMBER R(A) 



I 




TO BANK A 



SEND MESSAGE 
TRANSACTION TERMINATED 



END 




END 



MAINTAIN SECURITY A 



-7374 



FORM AND STORE SESSION 
KEY (MM/SS) BY R(A) XOR R 
AND ASSEMBLE MESSAGE 
WITH VERIFICATION 
MESSAGE AND R(A) 



I 



PUBLIC KEY A 



-7376 



ENCRYPT: VERIFICATION 
MESSAGE AND R(A) WITH 
SECURITY SERVER'S 
PUBLIC KEY 



Figure 37 C 




SESSION MANAGER A -7378 



SEND MESSAGE TO 
SECURITY SERVER 



SS NETWORK SIGN-ON 



-7320 



RECEIVE MESSAGE 



SS PUBLIC KEY 



-7322 



DECRYPT MESSAGE 



SS NETWORK SIGN-ON 



VERIFY VERIFICATI ON MESSAGE 
1 ~~ 



7324 



7326 




SS SYMMETRIC KEY - 7328 



FORM SESSION KEY (MM/SS) 
BY R(A) XORR 

t 



SS SESSION MANAGER 



NOTE START OF SESSION AND 
SEND ACKNOWLEDGEMENT 
TO A 



7330 



SEND MESSAGE 

SECURITY SERVE R -> A 



-7332 



SESSION MANAGER A 



-7334 



RECEIVE ACKNOWLEDGEMENT 
AND NOTE START OF SESSION 



"~F~ 



Figure 37D 




SS NETWORK SIGN-ON 



CREATE MESSAGES TO DENY ACCESS 
FOR TRANSMITTAL TO NETWORK 
SERVER AND MODULE 

I 



-1266 



> 



SS PUBLIC KEY 



-1268 



ENCRYPT MESSAGE TO MODULE 
WITH MODULE'S PUBLIC KEY 

I 



SS SESSION MANAGER 



-7270 



SEND MESSAGES TO 
NETWORK SERVER 



NS NETWORK SIGN-ON 



RECEIVE MESSAGES AND NOTE 
ACCESS DENIED. SEND 
ENCRYPTED MESSAGE TO 
MODULE AND DISCONNECT 



7272 



SESSION MANAGER A 



RECEIVE MESSAGE 



JL 



7274 



PUBLIC KEY A 



-7276 



DECRYPT MESSAGE 



3 



SESSION MANAGER A - 7278 



NOTE SIGN-ON DENIED 



7280 




7284 



NO 




TO BANK A 




► 


SEND MESSAGE 






SIGN-ON DENIED 



TO SUBSCRIBER A 



-7282 



SEND MESSAGE 
SIGN-ON DENIED 



I 

END 



(^END^) 




Figure 37 E 




CLOCK/TIMER A 



-1336 



SEND TIME AND DATE TO 
SESSION MANA GER 

t 



SESSION MANAGER A - 7333 



SEND TIME AND DATE TO 
SECURITY SERVER 



SEND MESSAGE 

A -> SECURI TY SERVER 
t — 



-1340 



SS SYNCHRONIZE 
DATE/TIME 



-7342 



RECEIVE TIME AND DATE 
CHECK TIME AND DATE 



SS SYNCHRONIZE 
DATE/TIME 



-1346 



SEND NEW TIME AND DATE 



I 



SEND MESSAGE 

SECURITY SERVER -> A 

t 



7348 



SESSION MANAGER A 



-7350 




RECEIVE TIME AND DATE 
t 



CLOCK/TIMER A 



-7352 



ADJUST TIME AND DATE 



-7364 



ASSEMBLE AS A MESSAGE: 
BAD ID LIST, NEW LIST OF 

PRIMARY SECURITY SERVER 
PUBLIC KEYS, AND PUBLIC 
KEY LENGTH 



I 




NO 



1362 



NO 



TO BANK A 



SEND MESSAGE 

CLOCK 
MALFUNCTION 



SS CREATE CERTIFICATE - 7366 



CHECK FOR GLOBAL 
RECERUFICATION 



TO SUBSCRIBER A 



-7358 



SEND MESSAGE TO SUBSCRIBER 
CLOCK MALFUNCTION 




Figure 37 F 




SEND MESSAGE 

SECURITY SERVER -> A 

t 



-7374 



PUBLIC KEY A 



-1376 



CHECK SIGNATURE 
OF MESSAGE 



7378 




PUBLIC KEY A 



-7380 



DECRYPT PRIMARY SECURITY 
SERVER PUBLIC KEY LIST 



I 



MAINTAIN SECURITY A 

UPDATE BAD ID LIST, PUBLIC 
KEY LIST, AND KEY LENGTH 



7382 



YES 



YES 




7386 



> 



MAINTAIN SECURITY A 

SEND ACKNOWLEDGEMENT 



-7436 



SEND MESSAGE 

A -> SECURITY SERVER 



-7438 



E 



Figure 37G 



9 



SS SESSION MANAGER 



-1440 



RECEIVE ACKNOWLEDGEMENT 
AND NOTE END OF SESSION 

I 



SS NETWORK SIGN-ON 



-7442 



SEND K AND V TO A 

♦ 



SEND MESSAGE 

SECURITY SERVE R -> A 

i ~ 



SESSION MANAGER A 



7444 
I-7446 



RECEIVE MES SAGE 
t 



SYMMETRIC KEY A 



-7448 



ENCRYPT V WITH K AND SEND 
TO NETWORK SERVER 

t 



NS NETWORK SIGN-ON 



RECEIVE MESSAGE 

I 



■7450 



NS SYMMETRIC KEY - 7452 



DECRYPT MESSAGE AND 
CHECK IF VIS CORRECT 



7454 




7456 



7460- 



NS NETWORK SIGN-ON 



NO 




NS NETWORK SIGNtON 


— ► 


SEND MESSAGE ACCESS 






DENIED TO A AND 
DISCONNECT 






t - 



SEND ACKNOWLEDGEMENT 
TO A 

♦ 



SESSION MANAGER A 



RECEIVE MESSAGE 

1 

7458 



7462- 



SESSION MANAGER A 



RECEIVE ACKNOWLEDGEMENT AND 
NOTE SIGNED-ON TO NETWORK 

1 




END 



Figure 37H 




MAINTAIN SECURITY A 



INITIATE GENERATION OF 
NEW CERTIFICATE 



1388 



PUBLIC KEY A 



GENERATE NEW KEYS AND 
SIGN NEW PUBLIC KEY 
WITH OLD KEY 



7390 



SESSION MANAGER A 



-1392 



SEND SIGNED NEW PUBLIC 
KEY TO SECURITY SERVER 



SEND MESSAGE 

A -> SECURITY SERVER 



-7394 



SS CREATE CERTIFICATE - 7396 



RECEIVE CERTIFICATE 
APPLICATION 



I 



SS PUBLIC KEY 



-7398 



VALIDATE SIGNATURE 




NO 



SS PUBLIC KEY 



-7402 



SIGN CERTIFICATE AND 
SEND TO MODULE 



~T~ 



Figure 371 



7404" 



7406- 



7408- 



7434" 




SESSION MANAGER A 



RECEIVE CERTIFICATE 
t 



MAINTAIN SECURITY A 



VALIDATE CERTIFICATE 
t 



PUBLIC KEY A 



VALIDATE SIGNATURE 



7470 




SESSION MANAGER A 



SEND ACKNOWLEDGEMENT 
TO SECURITY SERVER 



<5 



7432" 



TOBANKA 



REQUEST FOR RETRY 



SESSION MANAGER A -7472 



SEND 'CERTIFICATE INVALID" 
MESSAGE AND CERTIFICATE 
TO SECURITY SERVER 

I 



SS NETWORK SIGN-ON 



-7474 



RECEIVE MESSAGE 



SS PUBLIC KEY 



-7476 



VALIDATE SIGNATURE 



7478 




YES 



E> 



SS SESSION MANAGER 



-7420 



SEND MESSAGE TO NETWORK 
SERVER "DISCONNECT FROM 
NETWORK* 



NS NETWORK SIGN-ON - 7422 



SEND MESSAGE OF 
MALFUNCTION T O MODULE 



SESSION MANAGER A - 7424 



RECEIVE MESSAGE 



NO 




TO SUBSCRIBER A 



-7428 



REQUEST SUBSCRIBER FOR RETRY 



7430 



YES 




Figure 37 J 



& 




SS CREATE CERTIFICATE 



-1370 



ADD TO MESSAGE: 
MODULE SHOULD RECERTIFY 



T 



SS PUBLIC KEY 



-7372 



SIGN MESSAGE 



□ 

y 
m 

W 

13 

ifi 
!■* 

m- 
*J3 



F/gure 37K 



7464- 



SESSION MANAGER A 



CHECK IF NETWORK 
CONNECTION TO A 
MONEY MODULE OR 
SECURITY SERVER IS REQUIRED 




7468- 



SYMMETRIC KEY A 



ENCRYPT REQUIRED 
DESTINATION WITH K 



7470- 



I 



SESSION MANAGER A 



SEND NETWORK SERVER 
REQUIRED DEST INATIO N 

t 



7472" 



NETWORK SERVER 



ESTABLISH LINK TO DESTINATION B 
AND SEND ACKNOWLEDGEMENT 



7474- 



I 



SESSION MANAGER A 



RECEIVE ACKNO WLEDGEMENT 
t « = 



7476- 



MAINTAIN SECURITY A 



SEND CERTIFICATE TO 
SESSION MAN AGER 



7478- 



SESSION MANAGER A 



SEND CERTIFICATE TO B 



7480- 



SESSION MANAGER B 



RECEIVE CERTIFICATE 
T 



7482H 



MAINTAIN SECURITY B 



RECEIVE CERTIFICATE FROM 
SESSION MANAGER AND 
VALIDATE CERTIFICATE 



— T" 

Figure 38A 




MAINTAIN SECURITY B 



CHECK IF A IS ON 
BAD ID LIST 



SESSION MANAGER B - 7486 



NOTE SESSION TERMINATED 



RANDOM NUMBER 
GENERATOR B 



CREATE RANDOM 
NUMBER R(B) AND 
B VERIFICATION MESSAGE 



CLOCK/TIMER B 



RETRIEVE TIME AND DATE AND 
SEND TO MAINTAIN SECURITY 




7492 

I 



TO BANK B 



SEND MESSAGE 
TRANSACTION TERMINATED 



TO SUBSCRIBER B 



SEND MESSAGE 
TRANSACTION TERMINATED 



-7500 



MAINTAIN SECURITY B 



-7502 



ASSEMBLE R(B), B VERIFICATION 
MESSAGE, TIME AND DATE AND 
CERTIFICATE B IN A MESSAGE 



I 





END 



END 



PUBLIC KEY B 



-7504 



ENCRYPT THE MESSAGE WITH 
A'S PUBLIC KEY 



SESSION MANAGER B 



-7506 



SEND ENCRYPTED 
MESSAGE TO A 



Figure 38B 




SESSION MANAGER A - 7508 



RECEIVE MESSAGE 



PUBLIC KEY A 



DECRYPT MESSAGE 



-7570 



MAINTAIN SECURITY A 



VALIDATE CERTIFICATE 



7524 




7572 




NO 


SESSION MANAGER A 


> ► 


NOTE SESSION TERMINATED 



7576 



7578. 



MAINTAIN SECURITY A 



CHECK IF B'S ID IS ON 
BAD ID LIST 



7526 




MAINTAIN SECURITY A 



-7528 



RETRIEVE TIME AND DATE AND 
COMPARE TO B'S TIME AND DATE 




\ MM? 






1520 YES 

1 T 




. 7522 


TO SUBSCRIBER A 




TO BANK A 


SEND MESSAGE 
TRANSACTION 
TERMINATED 




SEND MESSAGE 
TRANSACTION 
TERMINATED 



F 



END 




END 



7530 




RANDOM NUMBER 
GENERATOR A 



-7532 



CREATE RANDOM NUMBER R(A) 
AND A VERIFICATION MESSAGE 



0 



Figure 38C 




MAINTAIN SECURITY A 



-7534 



FORM SESSION KEY BY R(A) XOR 
R(B). ASSEMBLE A VERIFICATION 
AND B VERIFICATION MESSAGES, 
TIME, DATE, AND R(A) 

t 



PUBLIC KEY A 



ENCRYPT THE MESSAGE WITH 
B'S PUBLIC KEY 



7536 



SESSION MANAGER A 



-7538 



SEND MESSAGE TO B 



SESSION MANAGER B 



-7540 



RECEIVE MESSAGE 



PUBLIC KEY B 



-7542 



DECRYPT MESSAGE 



T 



MAINTAIN SECURITY B 



CHECK B VERIFICATION MESSAGE 



7546 




7544 



MAINTAIN SECURITY B - 7548 



FORM SESSION KEY R(A) XOR 
R(B). RETRIEVE TIME AND DATE 
FROM CLOCK/TIMER AND COM- 
PARE TO AS TIME AND DATE 



Figure 38D 



7550 



DATE OUT OF 
.RANGER 

NO 



YES 



SESSION MANAGER B 



NOTE START OF SESSION 



7552 



SESSION MANAGER B - 7554 



SEND ACKNOWLEDGEMENT AND 
A VERIFICATION MESSAGE TO A 



SEND MESSAGE 

B-> A 



-7556 



SESSION MANAGER A - 7558 



RECEIVE ACKNOWLEDGEMENT 
AND A VERIFICATION MESSAGE 

1 



MAINTAIN SECURITY A - 7560 



CHECK A VERIFICATION MESSAGE 



7562 




NO 



SESSION MANAGER A - 7564 



NOTE START OF SESSION 



(^ return ) 



Figure 38E 



NOTE DIRECTORY X - 1566 



CHOOSE NOTE(S) AND VALUES 
FOR TRANSFER 

i 



NOTES X 



-7568 



CREATE TRANSFER FOR 
EACH NOTE 

I 



PUBLIC KEYX 



-1570 



CREATE SIGNATURES FOR 
THE NO TE(S) 

t ~ 



PACKET MANAGER X - 7572 



ASSEMBLE NOTE(S), 
TRANSFER(S), SIGNATURE(S) IN 
A PACKET AND SEND TOY 



SEND MESSAGE 

X->Y 



-7574 



PACKET MANAGER Y 



-7576 



RECEIVE PACKET AND 
DISASSE MBLE 

t 



VERIFIER Y 



-7578 



VALIDATE CERTIFICATES, VERIFY 
TRANSFERS TO CERTIFICATES, 
AND TOTAL AMOUNT 



7580 





ABORT TRANSACTION 

Y->X 




END 



Figure 39A 



7588 



YES 




7590- 



VERIFIERY 



CHECK EACH TRANSFER ID 
TO THE BAD ID LIST 



<3 




YES 

-« C MATCH? 



7584 



7586- 


VERIFIERY 


YES 




VERIFY EXPIRATION DATES 


< 




PUBLIC KEY Y 



-7594 



VERIFY SIGNATURES 



7596 




NO 



NOTES Y 



-7598 



PLACE NOTES IN HOLDER 
t 



NOTE DIRECTION Y 



-7600 



UPDATE NOTE LOCATION 
AND AMOUNT 



( Return ) 



Figure 39B 



A AGREES TO EXCHANGE 
WITH B $ FOR £ AT 
RATE = $/£ 



f 



T 



-1602 



A SIGNS ON MONEY 
MODULE 



TO SUBSCRIBER A 



PROMPT FOR TRANSACTION 



7604 
-7608 



7606- 



1 



7670- 



B SIGNS ON MONEY 
MODULE 

T. 



TO SUBSCRIBER B 



PROMPT FOR TRANSACTION 



A CHOOSES TO BUY 
FOREIGN EXCHANGE 



T 



-7672 

SESSION MANAGER A H676 



7674- 



ESTABLISH COMMUNICATION 



7678- 



B CHOOSES TO SELL 
FOREIGN EXCHANGE 

I 



SESSION MANAGER B 



ESTABLISH COMMUNICATION 



X 



ESTABLISH SESSION 

A->B 
I 



-7620 



TO SUBSCRIBER A 



-7622 



PROMPT FOR AMOUNT BY TYPE 
OF NOTE OF $ 

i 



& 



PAY/EXCHANGE A 



-7624 



7636 



RECEIVE AMOUNT BY TYPE 
OF NOTE 



NOTE DIRECTORY A 



-7626 



CHECK SUFFICIENT FUNDS 



PAY/EXCHANGE A 



SEND $ AMOUNT 
BY TYPE OF NOTE TO B 





7630 



TO SUBSCRIBER A 



PROMPT FOR NEW AMOUNT 
BY TYPE OF NOTE 




END 

Figure 40A 



ABORT TRANSACTION 

A->B 




SEND MESSAGE 

A-> B 



& 



-1638 



TO SUBSCRIBER B 



-7640 



PROMPT TO SELECT 
AMOUNT OF £ OR RATE 



NOTE DIRECTORY B 



CHECK SUFFICIENT FUNDS 



7642 



7644 




7646" 



TO SUBSCRIBER B 



PROMPT FOR A NEW RATE 




7650- 



PAY/EXCHANGE B 



SEND INSUFFICIENT FUNDS 
MESSAGE TO A 



7652- 



SEND MESSAGE 


B- 


•> A 




r 



<3> 



7654 
_L 



PAY/EXCHANGE B 



SEND ACKNOWLEDGEMENT 
OF AMOUNT OF £ AND RATE 



7656 



SEND MESSAGE 

B-> A 



TO SUBSCRIBER A 



PROMPT TO VERIFY AMOUNT 
OF £ AND RATE 



7658 



Figure 40B 




7672- 



PAY/EXCHANGE A 



PASS $ AMOUNT TO MONEY 
HOLDER, 



± 



7674- 



TRANSFER NOTES 

A-> B 



7676- 



PAY/EXCHANGE B 



PASS £ AMOUNT TO MONEY 
HOLDER 



7678- 



TRANSFER NOTES 

B-> A 



PAY/EXCHANGE A 



.-7662 



SEND VALUES INCORRECT 
MESSAGE 



SEND MESSAGE 

A -> B 



-7664 



TO SUBSCRIBER B 



-7666 



PROMPT FOR NEW RATE 




Figure 40C 




TRAN LOG A 



-7680 



CONDITIONAL UPDATE LOG 
TRANSFER S(X)-> S(X) 



SESSION MANAGER A - 7682 



SEND MESSAGE LOG 
UPDATED 



SEND MESSAGE 

A-->B 

I 



-7684 



TRAN LOG B 



-7686 



CONDITIONAL UPDATE LOG 
TRANSFER S(X) -> S(X) 



7688 



NO 



7694 

j 




SESSION MANAGER B 



SEND MESSAGE -START 
COMMIT 



7696 



TRAN LOG B 



-7690 



SEND MESSAGE 

B->A 



SET LOG UPDATE 
UNCONDITIONAL 

I 



COMMIT 

B -> A 



TRAN LOG A 



-7698 



SET LOG UPDATE 
UNCONDITIONAL 



I 



(^END^) 



-7692 



COMMIT 

A -> B 




-7700 



END 



Figure 40D 



SESSION MANAGER X - 7702 



SEND READY-TO-COMMIT 
MESSAGE 



I 



SEND MESSAGE 

X->Y 

f 



-7704 



SESSION MANAGER Y 



-7706 



7778 



SEND ACKNOWLEDGEMENT 



SEND MESSAGE 

Y->X 



— i 

7708 



TRAN LOG X 



UPDATE TRAN LOG 



7770 
_! 



TRAN LOG Y 




UPDATE TRAN LOG 



1712 



TO SUBSCRIBER X 



NOTIFY SUBSCRIBER END OF 
TRANSACTION 

I 



7774- 




SESSION MANAGER X 



-7724 



NOTE END OF SESSION 



( ^END^ ) 



7776" 



NOTIFY SUBSCRIBER END OF 
TRANSACTION 

H = 



SESSION MANAGER Y 



NOTE END OF SESSION 




END 



Figure 41 



SESSION MANAGER X 



-7726 



ROLL-BACK CHANGES AND 
NOTE TRANSACTION ABORTED 



T 



SESSION MANAGER X 



CHECK IF READY-TO-COMMIT 
MESSAGE SENT 



7730 



NO 




7728 



TRAN LOG X 



-7732 



UPDATE TRAN LOG 



7734 



7744 



TO SUBSCRIBER X 



SEND MESSAGE: 
TRANSACTION ABORTED 



NO 




REVERSE ACCOUNTING 
TRANSACTIONS 



TO SUBSCRIBER X 



SEND MESSAGE: TRANSACTION 
ABORTED AND POSSIBLE MONEY 
TRANSFER ERROR 

I 



7738 



7746- 



SESSION MANAGER X 



SEND MESSAGE TO Y THAT 
TRANSACTION CANNOT BE 
COMPLETED 



Figure 42A 




SEND MESSAGE 

X -> Y 



-7748 



SESSION MANAGER Y -1750 



ROLL-BACK CHANGES AND 
NOTE TRANSACTION ABORTED 

T 



7752 



7754- 




7756 



NO 



TO SUBSCRIBER Y 



SEND MESSAGE 
TRANSACTION ABORTED 




TO BANK Y 



REVERSE ACCOUNTING 
TRANSACTIONS 



7758 



Figure 42B 




A AGREES TO PURCHASE 
PRODUCTS OR SERVICES 
FROMB 



-7760 



I 



A SIGNS ON MONEY 
MODULE 



-7762 



7768- 



1 



B ASSIGNS VALUE TO PURCHASE 



JL 



TO SUBSCRIBER A 



-7764 



PROMPT FOR TRANSACTION 



I 



7770- TO SUBSCRIBER B 



I 



PROMPT FOR TRANSACTION 



A CHOOSES TO MAKE 
POS PAYMENT 



-7766 



7772- 



B CHOOSES TO RECEIVE 
POS PAYMENT 



SESSION MANAGER A 



-7775 



ESTABLISH COMMUNI CATION 
1 



7774- 



I 



SESSION MANAGER B 



ESTABLISH COMMUNICATION 



T 



I 



& 



ESTABLISH SESSION 

B~> A 

t — 



7776 



TO SUBSCRIBER B 



-7778 



PROMPT FOR AMOUNT 
OF PAYMENT 



PAY/EXCHANGE B 



-7780 



RECEIVE AMOUNT AND 
SEND TO A 



I 



SEND MESSAGE 

8-> A 



-7782 



TO SUBSCRIBER A 



-7784 



PROMPT SUBSCRIBER TO VERIFY 
AMOUNT AND TO CHOOSE 
AMOUNTS BY TYPE OF NOTE 
(TOTAL = REQUESTED AMOUNT) 



Figure 43A 



7788 
i 




PAY/EXCHANGE A 


NO 


SEND MESSAGE 


^ < 


AMOUNT INCORRECT 





1786 



0 




PAY/EXCHANGE A 



-7798 



RECEIVE AMOUNTS BY TYPE 
OF NOTE 



NOTE DIRECTORY A - 7 800 



CHECK SUFFICIENT FUNDS BY 
TYPE OF NOTE 



NO 



7802 

'SUFFICIENT" 









7804 

i 1 


r 


^f"YES 


TO SUBSCRIBER A 




PAY/EXCHANGE A 


PROMPT FOR NEW 
AMOUNTS BY TYPE OF NOTE 




PASS AMOUNT TO 
MONEY HOLDER 



-7870 




TRANSFER NOTES 

A-> B 



7872 



COMMIT 

8-> A 

(^ JND^ ) 



-7874 



Figure 43B 




PAY/EXCHANGE A 



SEND MESSAGE TO B 
INSUFF ICIENT FUNDS 

Hr 



SEND MESSAGE 

A-> B 



TO SUBSCRIBERS 

PROMPT HOST FOR 
NEW AMOUNT 



-7808 



-7790 



-7792 




-7796 



Figure 43C 



• 



4 



TRANSACTION MONEY MODULE \- 1816 



SELECT BANK ACCESS TO 
LINK ACCOUNTS 



1 



TRANSACTION MONEY MODULE 



-7878 



ESTABLISH SESSION WITH SECURITY 
SERVER 

I 



TRANSACTION MONEY MODULE 



-7820 



SEND LINK ACCOUNTS REQUEST TO 
SECURITY SERVER WITH CURRENT 
BANK PROFILE (IF AVAILABLE) 



T 



SECURITY SERVER 



-7822 



RECEIVE REQUEST 
(AND BANK PR OFILE) 



SECURITY SERVER 



-7824 



ESTABLISH SESSION WITH 
CUSTOMER SERVICE 
MODULE (CSM) 



I 



SECURITY SERVER 



-7826 



SEND REQUEST 
(AND BANK PR OFILE) TO CSM 



PRESENT IDENTIFICATION TO 
BANK CUSTOMER 
SERVICE REPRESENTATIVE 



-7828 



A 



CSM 



-7830 



ENTER CUSTOMER NAME AND 
ACCESS CUSTOMER 
ACCOUNT-LIST FROM BANK 
SYSTEMS 



Figure 44A 



0 



4 




SELECT ACCOUNTS TO BE 
LINKED FOR ACCESS BY V 1832 
TRANSACTION MONEY MODULE 



I 



CSM 



NOTE ACCOUNTS TO BE 
LINKED 

T 



7834 



CHECK ACCOUNT LINKS 



-7836 



7840 



7838 



U 



ABORT 

CSM --> SECUR ITY SERVER 



YES 



ABORT 

SECURITY SERVER -> 
MONEY MODULE 



1842 




END 




CSM 



-7844 



SEND ACCOUNT PROFILE TO 
SECURITY S ERVER 

t ~ 



SECURITY SERVER 



-7846 



SIGN NEW PR OFILE 

♦ 



SECURITY SERVER 



-7848 



SEND SIGNED PROFILE TO 
TRANSACTION MONEY MODULE 



I 



COMMIT 

MONEY MODULE -> 
SECURITY SERVER 



T 



-7850 



COMMIT 

SECURITY SERVER -> CSM 



-7852 




END 



Figure 44B 



